GNU SharUtils UUDecode Symbolic Link Attack Vulnerability

Bugtraq ID: 4742
Class: Design Error
CVE:
Remote: No
Local: Yes
Published: May 14 2002 12:00AM
Updated: May 14 2002 12:00AM
Credit: This vulnerability discovery credited to AERAsec.
Vulnerable: SCO Open Server 5.0.7
SCO Open Server 5.0.6
Redhat sharutils-4.2.1-8.7.x.i386.rpm
+ Redhat Enterprise Linux AS 2.1
GNU sharutils 4.2
+ Caldera OpenUnix 8.0
+ Caldera UnixWare 7.1.1
+ HP Secure OS software for Linux 1.0
+ Redhat Linux 7.2 ia64
+ Redhat Linux 7.2 i386
+ Redhat Linux 7.1 ia64
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1 alpha
+ Redhat Linux 7.0 i386
+ Redhat Linux 7.0 alpha
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 alpha
Compaq Tru64 5.1 a PK3 (BL3)
Compaq Tru64 5.1 PK5 (BL19)
Compaq Tru64 5.0 a PK3 (BL17)
Compaq Tru64 4.0 g PK3 (BL17)
Compaq Tru64 4.0 f PK7 (BL18)
Caldera OpenLinux Workstation 3.1.1
Caldera OpenLinux Workstation 3.1
Caldera OpenLinux Server 3.1.1
Caldera OpenLinux Server 3.1
Avaya Intuity R5 R5.1.46
Not Vulnerable: GNU sharutils 4.2.1
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
+ HP Secure OS software for Linux 1.0
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Redhat Fedora Core3
+ Redhat Linux 7.2 ia64
+ Redhat Linux 7.2 i386
+ Redhat Linux 7.1 ia64
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1 alpha
+ Redhat Linux 7.0 i386
+ Redhat Linux 7.0 alpha
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 alpha
+ Turbolinux Appliance Server 1.0 Workgroup Edition
+ Turbolinux Appliance Server 1.0 Hosting Edition
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32


 

Privacy Statement
Copyright 2010, SecurityFocus